JLSEC-2025-309

There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows a...

JLSEC Published: Nov 25, 2025
Modified: Nov 25, 2025
Affected Packages: Libtiff_jll < 4.1.0+0
Aliases / Upstream: CVE-2020-18768

There exists one heap buffer overflow in TIFFmemcpy in tifunix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file.

References

http://bugzilla.maptools.org/show_bug.cgi?id=2848
http://bugzilla.maptools.org/show_bug.cgi?id=2848